Authenticate socket.io incoming connections with JWTs.
Authenticate socket.io incoming connections with JWTs.
This repository was originally forked from auth0-socketio-jwt and it is not intended to take any credit but to improve the code from now on.
Note: It is a package that is recommended to use/install on both the client and server sides.
npm install --save @thream/socketio-jwtimport { Server } from "socket.io"
import { authorize } from "@thream/socketio-jwt"
const io = new Server(9000)
io.use(
authorize({
secret: "your secret or public key",
}),
)
io.on("connection", async (socket) => {
// jwt payload of the connected client
console.log(socket.decodedToken)
const clients = await io.sockets.allSockets()
if (clients != null) {
for (const clientId of clients) {
const client = io.sockets.sockets.get(clientId)
client?.emit("messages", { message: "Success!" })
// we can access the jwt payload of each connected client
console.log(client?.decodedToken)
}
}
})import jwksClient from "jwks-rsa"
import { Server } from "socket.io"
import { authorize } from "@thream/socketio-jwt"
const client = jwksClient({
jwksUri: "https://sandrino.auth0.com/.well-known/jwks.json",
})
const io = new Server(9000)
io.use(
authorize({
secret: async (decodedToken) => {
const key = await client.getSigningKeyAsync(decodedToken.header.kid)
return key.getPublicKey()
},
}),
)
io.on("connection", async (socket) => {
// jwt payload of the connected client
console.log(socket.decodedToken)
// You can do the same things of the previous example there...
})import { Server } from "socket.io"
import { authorize } from "@thream/socketio-jwt"
const io = new Server(9000)
io.use(
authorize({
secret: "your secret or public key",
onAuthentication: async (decodedToken) => {
// return the object that you want to add to the user property
// or throw an error if the token is unauthorized
},
}),
)
io.on("connection", async (socket) => {
// jwt payload of the connected client
console.log(socket.decodedToken)
// You can do the same things of the previous example there...
// user object returned in onAuthentication
console.log(socket.user)
})secretis a string containing the secret for HMAC algorithms, or a function that should fetch the secret or public key as shown in the example withjwks-rsa.algorithms(default:HS256)onAuthenticationis a function that will be called with thedecodedTokenas a parameter after the token is authenticated. Return a value to add to theuserproperty in the socket object.
import { io } from "socket.io-client"
import { isUnauthorizedError } from "@thream/socketio-jwt/build/UnauthorizedError.js"
// Require Bearer Token
const socket = io("http://localhost:9000", {
auth: { token: `Bearer ${yourJWT}` },
})
// Handling token expiration
socket.on("connect_error", (error) => {
if (isUnauthorizedError(error)) {
console.log("User token has expired")
}
})
// Listening to events
socket.on("messages", (data) => {
console.log(data)
})Anyone can help to improve the project, submit a Feature Request, a bug report or even correct a simple spelling mistake.
The steps to contribute can be found in the CONTRIBUTING.md file.
![dependabot[bot] avatar](https://avatars.githubusercontent.com/in/29110?v=4 "dependabot[bot]")
![allcontributors[bot] avatar](https://avatars.githubusercontent.com/in/23186?v=4 "allcontributors[bot]")
React
Typescript
Django
Laravel
Facebook
Microsoft
Google
Alibaba
D3
Tencent